Filtered by vendor Debian
Subscribe
Total
8236 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-5808 | 2 Debian, Libraw | 2 Debian Linux, Libraw | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code. | |||||
CVE-2018-6065 | 4 Debian, Google, Mi and 1 more | 6 Debian Linux, Chrome, Mi6 Browser and 3 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2018-6069 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
Stack buffer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
CVE-2018-6071 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
CVE-2018-6072 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||||
CVE-2018-6073 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |||||
CVE-2018-6094 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2018-6103 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page. | |||||
CVE-2018-6120 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
An integer overflow that could lead to an attacker-controlled heap out-of-bounds write in PDFium in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. | |||||
CVE-2018-6123 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
A use after free in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2018-6170 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||||
CVE-2018-6178 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension. | |||||
CVE-2018-6187 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file. | |||||
CVE-2018-6358 | 2 Debian, Libming | 2 Debian Linux, Libming | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 is vulnerable to a heap-based buffer overflow, which may allow attackers to cause a denial of service or unspecified other impact via a crafted FDB file. | |||||
CVE-2018-6797 | 4 Canonical, Debian, Perl and 1 more | 5 Ubuntu Linux, Debian Linux, Perl and 2 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written. | |||||
CVE-2018-6913 | 3 Canonical, Debian, Perl | 3 Ubuntu Linux, Debian Linux, Perl | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. | |||||
CVE-2018-7186 | 2 Debian, Leptonica | 2 Debian Linux, Leptonica | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions. | |||||
CVE-2018-7334 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value. | |||||
CVE-2018-7335 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small. | |||||
CVE-2018-7336 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer. |